SonarQube Valuable Features

Steven Gomez
Lead Engineer at a pharma/biotech company with 1,001-5,000 employees
I like the dashboard it shows by default, where you can see things at a glance. At the same time, you can also drill way down and see a lot of stuff about your code, like complexity metrics, and things like that. It gives you a nice dashboard where you can just look at a birds-eye view. View full review »
Andrew Kew
Senior Java Developer at a financial services firm
Most features in the product are very useful, but there are some parts that I personally use more than others. 1. Code Convention: Using the tool to implement some sort of coding convention is really useful and ensures that the code is consistent no matter how many contributors. A very usual addition to this tool is an IntelliJ plugin called SonarLint, which integrates into your IDE, then allows you to run the convention rules file by file and receive immediate feedback when making changes. This removes the need to push to the server before finding out what issues you need to resolve. 2. Technical Debt: Being able to see how much technical debt there is within the project is useful, especially if your change increases this value. It's a good way to determine whether your change is improving the overall code quality or not. 3. Graphing: The tool has some very useful graphs which give you an overall view of how the code looks and/or changes with time. A graph that I find useful is the bubble chart. It shows three different metrics in a 2D graph. It shows the number of lines of code versus the number of issues in that project. The third dimension is the size of the bubble, which is technical debt in the project. So it's very easy to see which projects need immediate attention, if they are in the top-right quadrant of the graph as a very large circle, i.e., high number of issues, high number of lines of code, and high technical debt. Seeing which project/submodule is in which quadrant of the graph shows where work is needed. You can also drill into the project and see any submodules within that project as well. Very useful. View full review »
Phil Denomme
Manager at a wireless company with 11-50 employees
There are two major use cases. One is to integrate it into the developers' workbench so that they can bench check their code against what will be done in the server-based audit version. View full review »
Find out what your peers are saying about SonarQube, Veracode, Micro Focus and others in Application Security. Updated: August 2019.
360,284 professionals have used our research since 2012.
Jeff Ingalls
Automation Tool Specialist at a comms service provider with 1,001-5,000 employees
The most valuable feature is that it lays everything out and breaks it down, making it very easy to find and identify issues. SonarQube is really good for finding coding standards when people deviate from what we have set corporately. View full review »
ScalaCon4d53
Scala Contractor at a tech services company with 10,001+ employees
Code coverage of tests is their most valuable feature. Code coverage is of no value if it's high, but if it's a low number then that's of great value to me. View full review »
Inframan677
IT Infrastructure Head / Facilities Manager - ITIL V3 Certified ,Vmware Vsphere5 at a financial services firm with 51-200 employees
Code analyzing is very valuable for detecting vulnerabilities but it has limitations. View full review »
Kiran Gujju
Cyber Security Architect (USDA) at a government with 10,001+ employees
The most valuable features are the dashboard reports and the ease of integrating it with Jenkins. View full review »
Daniel Hall
Technical Architect with 1,001-5,000 employees
The most valuable features are the wide array of languages, multiple languages per project, the breakdown of bugs, and the description of vulnerabilities and code smells (best practices). View full review »
ViPres97886
Vice President at a financial services firm with 1,001-5,000 employees
The quantification and reporting features are really good. View full review »
Hervé KAMDEM
Country Manager Senegal at a financial services firm with 10,001+ employees
SonarQube is good for checking and maintaining code quality. View full review »
Jeff Ingalls
Automation Tool Specialist at a comms service provider with 1,001-5,000 employees
* The issues it identifies. * How easily it ties into our continuous integration pipeline. * It is very good at identifying technical debt. View full review »
AppSecAn0945
Application Security Analyst at a agriculture
The most valuable function is its usability. It uses a simple approach. View full review »
BvsReddy
Company Director at Alwyn Technologies
The most valuable feature is the display of issues, like in Jira. That is very helpful for us to track our coding. View full review »
Technicae22f
Technical Architect and Software Engineer at a tech services company
SonarQube is not valuable because of the information it gives it. We can gather that same information from several other tools as well. It is the way the information is presented that makes it so powerful. It provides a holistic picture of all quality issues in a software project. With SonarQube's web interface, it is easy to drill down to see the individual problems, but also to look at the project from above and get the big picture, with possible larger problem areas. View full review »
ServiceLineLead817
Service Line Leader at a tech services company with 10,001+ employees
This product is open source and very convenient. View full review »
Subhendu Mahapatra
Manager at a tech vendor with 10,001+ employees
The most valuable feature is the FindSecBugs (Find Security Bugs) plugin, which finds security vulnerabilities. View full review »
Find out what your peers are saying about SonarQube, Veracode, Micro Focus and others in Application Security. Updated: August 2019.
360,284 professionals have used our research since 2012.
Sign Up with Email